<?php
/**
 * Core_Data_Xssscripts
 * Neutralises javascript:, vbscript: and -moz-binding: values that follow an
 * attribute-style "=" by rewriting them to inert text.
 *
 * @author Adrian Stolarski
 */
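class Core_Data_Xssscripts implements Core_Data_Xssfilterable {

    /**
     * xss_filter()
     * Rewrites script-bearing values that follow an "=" so that they no
     * longer form a javascript:, vbscript: or -moz-binding: reference.
     *
     * Each rule matches `name = <quotes> scheme :`, tolerating any run of
     * control characters or spaces (\x00-\x20) around the "=" and the quotes
     * (and, for the two URL schemes, between the letters of the scheme name).
     * The match is replaced by `name=<quotes>no<scheme>...`.
     *
     * All three rules are case-insensitive and accept the same quote
     * characters (backtick, single and double quote), so one scheme cannot be
     * written in a form that another rule would have caught.
     *
     * NOTE(review): this is a denylist over the literal text it is given. It
     * does not decode or normalise the input first, so it should be used only
     * as one layer; context-aware output encoding is still required wherever
     * the value is rendered.
     *
     * @param string|array $value Text to filter. An array is filtered element
     *                            by element, as preg_replace() does.
     * @return string|array The filtered value. An empty string is returned
     *                      when the input cannot be processed (for example it
     *                      is not valid UTF-8), so unfiltered or null data is
     *                      never handed back to the caller.
     */
    public function xss_filter($value) {
        // Any run of control characters / spaces that browsers may ignore.
        $gap = '[\x00-\x20]*';

        // "name = <quotes>" prefix shared by every rule:
        // $1 is the name before "=", $2 the opening quote characters.
        $prefix = '#([a-z]*)' . $gap . '=' . $gap . '([`\'"]*)' . $gap;

        // The "u" modifier treats the subject as UTF-8; "i" matches every
        // capitalisation (URL schemes and CSS property names are both
        // case-insensitive for the browser).
        $suffix = $gap . ':#iu';

        $rules = array(
            $prefix . implode($gap, str_split('javascript')) . $suffix => '$1=$2nojavascript...',
            $prefix . implode($gap, str_split('vbscript')) . $suffix   => '$1=$2novbscript...',
            $prefix . '-moz-binding' . $suffix                         => '$1=$2nomozbinding...',
        );

        $filtered = preg_replace(array_keys($rules), array_values($rules), $value);

        // preg_replace() returns null on a PCRE error, which with the "u"
        // modifier includes a subject that is not valid UTF-8. Fail closed
        // rather than returning null (or the unfiltered input) to the caller.
        if ($filtered === null) {
            return '';
        }

        return $filtered;
    }

}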
